Edward McAndrew

Edward McAndrew

Ballard Spahr LLP

Contact

Readers' Choice Awards

Cybersecurity
View Bio
RSS

Latest Posts › Data Protection

Share:

Welcome to National Cybersecurity Awareness Month

This month marks fifteen years of observing National Cyber Security Awareness Month (NSCAM) in October. The program was started way back in 2004, by the U.S. Department of Homeland Security and the National Cyber Security...more

10/3/2018  /  Critical Infrastructure Sectors , Cyber Threats , Cybersecurity , Data Protection , Data Security , Hackers , Risk Management

South Carolina Enacts First Insurance Data Security Act

South Carolina has become the first state to enact a version of the Insurance Data Security Model Law, which was drafted by the National Association of Insurance Commissioners (NAIC) in 2017. Governor Henry McMaster signed...more

5/21/2018  /  Cybersecurity , Cybersecurity Framework , Data Protection , Incident Response Plans , Information Technology , Insurance Industry , NAIC , Popular , Risk Assessment , Risk Management , State and Local Government , Third-Party Service Provider

Alabama Becomes 50th State to Enact Data Breach Notification Law

Alabama has officially joined the data breach notification party. Alabama Governor Kay Ivey signed Act No. 2018-396 into law on March 28, 2018. The law will take effect on May 1, 2018....more

4/3/2018  /  Corporate Counsel , Cybersecurity , Data Breach , Data Protection , Data Security , New Legislation , Notice Requirements , Personally Identifiable Information , State and Local Government , State Data Breach Notification Statutes

Alabama Becomes 50th State to Enact Data Breach Notification Law

Alabama has officially joined the data breach notification party. Alabama Governor Kay Ivey signed Act No. 2018-396 into law on March 28, 2018. ...more

4/3/2018  /  Cyber Attacks , Cybersecurity , Data Breach , Data Protection , Hackers , New Legislation , Personally Identifiable Information , Popular , Risk Management , State and Local Government , State Data Breach Notification Statutes

South Dakota Enacts Data Breach Notification Law

South Dakota has become the 49th State to enact a data breach notification law. South Dakota Governor Dennis Daugaard signed SB 62 into law on March 21, 2018. The law will take effect on July 1, 2018....more

3/23/2018  /  Cyber Attacks , Cybersecurity , Data Breach , Data Protection , Hackers , New Legislation , Personally Identifiable Information , Popular , Risk Management , State and Local Government , State Data Breach Notification Statutes

Delaware Amends Data Breach Statute

Delaware has joined the growing list of states that have recently amended their data breach laws. With passage of the first significant amendments to its data breach law since 2005, Delaware continues a state-law trend of...more

8/18/2017  /  Amended Legislation , Corporate Counsel , Cybersecurity , Data Breach , Data Protection , Personally Identifiable Information

Maryland Amends Data Breach Notification Law

The Maryland General Assembly recently amended the Maryland Personal Information Protection Act to expand the definition of personal information, provide a 45-day timeframe for providing notice of a breach, allow for...more

8/4/2017  /  Biometric Information , Cybersecurity , Data Breach , Data Protection , Health Insurance Portability and Accountability Act (HIPAA) , New Legislation , Notification Requirements , Personally Identifiable Information , Popular

NYDFS Updates FAQs to Clarify Cybersecurity Regulations

The New York Department of Financial Services (NYDFS) recently updated frequently asked questions (FAQs) about its cybersecurity regulations, 23 NYCRR 500, to address four new issues. NYDFS published its initial set of FAQs...more

7/17/2017  /  Banking Sector , Chief Information Security Officer (CISO) , Covered Entities , Cybersecurity , Cybersecurity Framework , Data Protection , Financial Institutions , Financial Services Industry , Insurance Industry , NYDFS , Personally Identifiable Information , Popular , Risk Management , Third-Party Risk

Ponemon Institute Study on Costs of Data Breaches Highlights Improvement and New Risks for U.S. and Global Companies

The average cost of a data breach, on both an aggregate and a per-record basis, has decreased slightly according to the Ponemon Institute's 2017 Cost of Data Breach Study: Global Overview. In addition to presenting recent...more

6/29/2017  /  Corporate Counsel , Cyber Attacks , Cyber Crimes , Cybersecurity , Data Breach , Data Breach Costs , Data Protection , Data Security , Hackers , Personally Identifiable Information , Popular , Young Lawyers

Colorado Division of Securities Publishes Final Cybersecurity Rules

The Colorado Division of Securities (Division) has published final cybersecurity rules applicable to broker-dealers and investment advisers. The Colorado Attorney General's office has 20 days to write an opinion on the rules,...more

5/23/2017  /  Broker-Dealer , Cybersecurity , Data Protection , Electronic Communications , Final Rules , Financial Markets , Financial Services Industry , Personally Identifiable Information , Popular , Risk Management

White House Issues New Cybersecurity Executive Order

President Trump recently signed the Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure. The Order sets forth the Trump Administration's policy for cybersecurity of...more

5/18/2017  /  Critical Infrastructure Sectors , Cyber Attacks , Cyber Crimes , Cyber Threats , Cybersecurity , Data Protection , Executive Orders , Hackers , Popular , Risk Management , Trump Administration

Is Your Organization Ready for a Systemwide Ransomware Attack?

Ransomware attacks just went big time. In a period of mere hours late last week, a global ransomware attack infected more than 200,000 computers and affected more than 100,000 organizations in over 150 countries. To put this...more

5/17/2017  /  Cyber Attacks , Cyber Crimes , Cyber Threats , Cybersecurity , Data Breach , Data Protection , Hackers , Malware , Personally Identifiable Information , Phishing Scams , Popular , Ransomware

Colorado Proposes Cybersecurity Rules for Investment Advisers, Broker-Dealers

The Colorado Division of Securities recently issued proposed rules directed at establishing cybersecurity requirements for broker-dealers and investment advisers. The proposed rules were issued only a month after New York...more

4/27/2017  /  Broker-Dealer , Cybersecurity , Data Protection , Electronic Communications , Financial Services Industry , Investment Adviser , Investment Products , Popular , Risk Assessment , Securities and Exchange Commission (SEC)

EU e-Privacy Regulation Raises Stakes for Compliance

The European Commission's proposed e-privacy regulation sets forth obligations on handling electronic communications and clarifies obligations for seeking consent for the use of cookies. Meant to bring the e-privacy directive...more

1/13/2017  /  Cookies , Corporate Counsel , Data Breach , Data Collection , Data Privacy , Data Protection , Disclosure Requirements , e-Privacy Directive , Electronic Communications , EU , Facebook , Fines , General Data Protection Regulation (GDPR) , Google , Metadata , Mobile Apps , Prior Express Consent , Privacy Laws , Telecommunications , WhatsApp

NYDFS Revises Cybersecurity Regulation, Extends Effective Date to March 1, 2017

The New York Department of Financial Services (NYDFS) announced today a revised regulation that will require all institutions subject to NYDFS supervision to establish and maintain a cybersecurity program meeting "certain...more

12/29/2016  /  Banking Sector , Banks , Chief Information Security Officer (CISO) , Comment Period , Cybersecurity , Cybersecurity Framework , Data Protection , Financial Institutions , Financial Services Industry , Insurance Industry , NYDFS , Risk Management , Third-Party Service Provider

FTC Examines Process by which Companies Assess Compliance with PCI DSS

The Federal Trade Commission (FTC) has issued orders to obtain information about the process by which businesses audit their compliance with the Payment Card Industry Data Security Standards (PCI DSS) and the role of such...more

3/10/2016  /  Consumer Financial Protection Bureau (CFPB) , Credit Cards , Data Protection , Dwolla , Federal Trade Commission (FTC) , Online Payments , PCI-DSS Standard , Reporting Requirements , Retail Market

EU-U.S. Privacy Shield Framework Text Published: Imposes New Obligations on U.S. Entities that Seek Data Transfers from the EU

The European Commission (EC) has released details of the EU-U.S. Privacy Shield, a new framework under which personal data may be transferred from the European Union (EU) to the United States. The Privacy Shield replaces the...more

3/9/2016  /  Data Protection , Data Protection Authority , EU , EU-US Privacy Shield , European Commission , Federal Trade Commission (FTC) , International Data Transfers , Personal Data

President Creates Cybersecurity National Action Plan and Commission on Enhancing National Cybersecurity

President Obama's Cybersecurity National Action Plan (CNAP), a comprehensive plan to address the nation's cybersecurity challenges through increased funding, a more robust cybersecurity workforce, and education initiatives,...more

2/25/2016  /  Chief Information Security Officer (CISO) , Cybersecurity , Cybersecurity National Action Plan (CNAP) , Data Protection , Executive Orders , Information Technology , Obama Administration , Popular
18 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide